package cn.hp.realm;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import cn.hp.domain.ActiveUser;
import cn.hp.domain.User;
import cn.hp.service.PermissionService;
import cn.hp.service.PermissionServiceImpl;
import cn.hp.service.RoleService;
import cn.hp.service.RoleServiceImpl;
import cn.hp.service.UserService;
import cn.hp.service.UserServiceImpl;

public class UserRealm extends AuthorizingRealm{
	
	public String getName() {
		// TODO Auto-generated method stub
		return this.getClass().getName();
	}
	
	private UserService userService = new UserServiceImpl();
	private RoleService roleService = new RoleServiceImpl();
	private PermissionService permissionService = new PermissionServiceImpl();

	//完成用户认证
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		//获取当前登录的用户名
		String username = token.getPrincipal().toString();
		System.out.println(username);
		//获取当前登录的用户密码
		//Object password = token.getCredentials();
		//System.out.println(Arrays.toString((char[])password));
		
		//根据用户名取数据库查询用户信息
		User user = userService.findUser(username);
		if(user != null) {
			//根据用户名去数据库中查询用户的角色
			List<String> roleList = roleService.findRoleByUsername(user.getUsername());
			
			
			//根据用户名去数据库中查询用户的权限
			List<String> permissionList = permissionService.findPermissionByUsername(user.getUsername());
			ActiveUser activeUser = new ActiveUser(user, roleList, permissionList);
			
			//判断密码是否正确
			//p1：用户身份  p2：数据库里面用户的密码  p3：当前类名
			SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(activeUser, user.getPassword(), getName());
			return info;
		}
		
		return null;
	}

	//授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//System.out.println("doGetAuthorizationInfo");
		SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
		ActiveUser activeUser = (ActiveUser) principals.getPrimaryPrincipal();
		if(activeUser.getUser().getType()==0) {
			info.addStringPermission("*:*");
		}else {
			//根据用户名从数据库中获取用户的角色
			//List<String> roleList = roleService.findRoleByUsername(user.getUsername());
			List<String> roleList = activeUser.getRoleList();
			if(roleList!=null && roleList.size()>0) {
				info.addRoles(roleList);
			}
			//根据用户名从数据库中获取用户的权限
			//List<String> permissionList = permissionService.findPermissionByUsername(user.getUsername());
			List<String> permissionList = activeUser.getPermissionList();
			if(permissionList!=null && permissionList.size()>0) {
				info.addStringPermissions(permissionList);
			}
		}
		
		
		//给用户添加角色
		/*List<String> roleList = new ArrayList<>();
		roleList.add("role1");
		roleList.add("role2");
		roleList.add("role3");
		info.addRoles(roleList);*/
		//给用户添加权限
		/*List<String> permissionList = new ArrayList<>();
		permissionList.add("user:add");
		permissionList.add("user:delete");
		permissionList.add("user:update");
		permissionList.add("user:query");
		info.addStringPermissions(permissionList);*/
		
		//超级管理员  什么权限都有。    怎么判断一个用户是超级管理员？
		//info.addStringPermission("*:*");
		
		return info;
	}

}
